Sign up for our newsletter

Blog Thread

The best way to keep your files secure in today’s internet age is to keep things offline, period. Unfortunately, that’s not possible with present technology. We can’t move backwards in business, but to keep moving forward with new conveniences such as cloud computing, we all need to be aware of new risks and challenges that may arise. Here’s what you should know when it comes to security breaches:

Data Breach:

You may have heard about celebrity photos being stolen from the cloud storage space. When we rely on cloud computing, we are all exposed to this same risk. Unless you have your data stored on your local computer, which is not online, we all face this risk anytime we are transmitting data online, email, in the cloud. Be aware of who has access to your files in the cloud, change the password to something memorable that has characters, numbers and capital letters in it, and keep changing it on a regular basis. (Definitely do NOT use something like “password” or “0000.”) Audit the status of your cloud access on a regular basis and make sure your team is following policies you’ve put in place for access, sharing and password changes.

Hijacking:

Browser hijacking occurs when scammers install malicious software (malware) to take control of your web browser. It can occur more often than you think. It can happen again with weak passwords, or with the security issues in the software itself. You need to make sure your software is up to date (most current version) and put in place strong password policies. Sometimes, hijacking can occur without you realizing it, and scammers can figure out deceptive ways to get your password or your account information. Do not use your password for a site that is not yours, and review your credit card and bank statement often.

Malicious Files:

Malicious files may be placed in your desktop from an innocent website which looks just fine. Hackers will inject malicious code into legitimate JavaScript hosted on a site – and the site’s owner may not even be aware their site is infected. Run an anti-virus, anti-spyware/malware software program on a regular basis to catch them before it’s too late.

DoS Attacks:

DoS stands for Denial of Service, and it is basically when an attacker tries to prevent a legitimate user from accessing information. According to US-CERT.gov: “The most common and obvious type of DoS attack occurs when an attacker "floods" a network with information. When you type a URL for a particular website into your browser, you are sending a request to that site's computer server to view the page. The server can only process a certain number of requests at once, so if an attacker overloads the server with requests, it can't process your request. This is a 'denial of service' because you can't access that site.” This type of attack can similarly happen over email and in the cloud. When this happens, contact your service provider.

Social Engineering:

Of all the technology we have in this new age, humans are still the cause of major scams using a technique called Social Engineering. This occurs when they call or email your office, pretending to be your staff, or your bank, or someone familiar, and try to get sensitive information such as your passwords, social security numbers and such. Again, you will need to have a policy and procedure for recognizing and handling these types of phony calls or emails to prevent any type of fraud.